In August 2025, eighteen high-impact vulnerabilities were identified for prioritized remediation, down from 22 in July. The month saw a focus on Citrix and D-Link flaws, with active exploitation of Citrix NetScaler products and D-Link routers. OS Command Injection was the most common weakness. One vulnerability was linked to a malware campaign by the Russia-linked group RomCom. Six vulnerabilities allowed remote code execution, affecting WinRAR, Citrix, FreePBX, and Microsoft products. Notable exploits included a critical Citrix NetScaler flaw (CVE-2025-7775) and a WinRAR vulnerability (CVE-2025-8088) used by RomCom to deliver malware. Other significant vulnerabilities affected N-able N-central, Cisco Secure FMC, and Fortinet FortiSIEM.
Author: AlienVault
Related Tags:
cve-2025-8876
patch management
cve-2025-8875
cve-2025-25256
cve-2025-20265
Mythic C2 agent
T1588.006
cve-2025-8088
deserialization
Associated Indicators:


